Lecture Notes for Client-Server Interfaces

29 March 2001 - The Common Gateway Interface (CGI)

  1. a uri can refer to any resource on a server's host - not just files

    1. databases, devices, running programs, . . .

    2. how does the server know about them

    3. how does the server deal with them

    4. cuts into server portability, simplicity

  2. responsibility for non-file uris is handled off to the server's host

    1. a program acts as an intermediary between the server and the host

    2. the common gateway interface (cgi) describes how the intermediary and server interact

    3. interaction between the intermediary and the host is left up to the parties involved.

    4. the intermediary can be any program that conforms to the cgi

  3. basic interaction between the intermediary (or gateway) and the server

    1. the server sends information to the gateway via environment variables, command-line arguments, and std-in.

    2. the gateway sends information to the server via std-out

    3. environment variables

      1. name-value pairs stored in a program's operating environment

      2. accessed via $name notation in shells or via getenv("name") calls in programs

      3. some environment variables are set by the server - GATEWAY_INTERFACE

      4. some are extracted from the request - QUERY_STRING, REQUEST_METHOD

      5. some are copied from the request - HTTP_ACCEPT, CONTENT_LENGTH, CONTENT_TYPE

    4. command-line arguments - obscure and not often used

    5. std-in input - used in the post method

      1. request prefix must contain a Content-Length: header - Content-Type: is not necessary but useful

      2. data appears after the blank line ending the request prefix

      3. the server puts the content length in the CONTENT_LENGTH environment variable

      4. the data appear at the gateway's std-in - not necessarily ending in a newline

    6. gateway std-out to the server

      1. the server reads the gateway's output and ships if off to the client

      2. the gateway starts with a mini-prefix describing the content type, followed by a blank line, followed by the content

      3. the server creates a full response from the gateway's output

      4. the gateway can also redirect and indicate status

  4. that's pretty much it for the cgi

    1. cgi programming is dangerous because it relies on arbirary other data from arbitrary other clients

  5. data-transmission details

    1. the post method

    2. get method

      1. extra information can be placed in a get uri

      2. GET uri?data HTTP/1.0

      3. the data is arbitrary, but cannot contain any white space

      4. the url encoding of + for space and %xx characters

      5. the data shows up in the query_string environment variable

      6. Content-Type: application/x-www-form-urlencoded

    3. header lines

      1. attribute-value pairs may appear after the media type in a Content-Type: header line

This page last modified on 3 April 2001.